Skip to content

Commit e2c14b0

Browse files
authored
Merge pull request #558 from wesinator/business_impact_disc
Sensitive Data Exposure categories - update business impact, steps
2 parents 62ad314 + ce668a3 commit e2c14b0

4 files changed

Lines changed: 12 additions & 8 deletions

File tree

submissions/description/sensitive_data_exposure/visible_detailed_error_page/descriptive_stack_trace/template.md

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,12 +4,13 @@ The descriptive stack trace leaked by this application shows versions of softwar
44

55
**Business Impact**
66

7-
This vulnerability can impact customers’ trust in the application which can result in reputational damage for the business and indirect financial losses.
7+
This vulnerability could enable attacker exploitation that will disrupt product or service availability,
8+
leading to financial loss and impact customers’ trust in the application.
89

910
**Steps to Reproduce**
1011

1112
1. Use a browser to navigate to: {{URL}}
12-
1. Observe detailed error message showing a descriptive stack trace
13+
2. Observe detailed error message showing a descriptive stack trace
1314

1415
**Proof of Concept (PoC)**
1516

submissions/description/sensitive_data_exposure/visible_detailed_error_page/detailed_server_configuration/template.md

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,12 +4,13 @@ The detailed server configuration leaked by this application shows which version
44

55
**Business Impact**
66

7-
This vulnerability can impact customers’ trust in the application which can result in reputational damage for the business and indirect financial losses.
7+
This vulnerability could enable attacker exploitation that will disrupt product or service availability,
8+
leading to financial loss and impact customers’ trust in the application.
89

910
**Steps to Reproduce**
1011

1112
1. Use a browser to navigate to: {{URL}}
12-
1. Observe detailed error message showing detailed server configuration
13+
2. Observe detailed error message showing detailed server configuration
1314

1415
**Proof of Concept (PoC)**
1516

submissions/description/sensitive_data_exposure/visible_detailed_error_page/full_path_disclosure/template.md

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,12 +4,13 @@ The full path disclosure leaked by this application displays implementation info
44

55
**Business Impact**
66

7-
This vulnerability can impact customers’ trust in the application which can result in reputational damage for the business and indirect financial losses.
7+
This vulnerability could enable attacker exploitation that will disrupt product or service availability,
8+
leading to financial loss and impact customers’ trust in the application.
89

910
**Steps to Reproduce**
1011

1112
1. Use a browser to navigate to: {{URL}}
12-
1. Observe detailed error message showing the full path disclosure
13+
2. Observe detailed error message showing the full path disclosure
1314

1415
**Proof of Concept (PoC)**
1516

submissions/description/sensitive_data_exposure/visible_detailed_error_page/template.md

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,12 +2,13 @@ Visible detailed error pages are a result of improper error handling which intro
22

33
**Business Impact**
44

5-
This vulnerability can impact customers’ trust in the application which can result in reputational damage for the business and indirect financial losses.
5+
This vulnerability could enable attacker exploitation that will disrupt product or service availability,
6+
leading to financial loss and impact customers’ trust in the application.
67

78
**Steps to Reproduce**
89

910
1. Use a browser to navigate to: {{URL}}
10-
1. Observe detailed error message
11+
2. Observe detailed error message
1112

1213
**Proof of Concept (PoC)**
1314

0 commit comments

Comments
 (0)